GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,909
Composer 4,270
Erlang 31
GitHub Actions 21
Go 2,044
Maven 5,228
npm 3,736
NuGet 663
pip 3,414
Pub 12
RubyGems 891
Rust 868
Swift 36

Unreviewed advisories

All unreviewed 238,245

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

192 advisories

Filter by severity

Sort by

Least recently updated

Fetchmail before 6.4.22 fails to enforce STARTTLS session encryption in some circumstances, such... Moderate Unreviewed

CVE-2021-39272 was published May 24, 2022

In JetBrains Hub before 2021.1.13262, a potentially insufficient CSP for the Widget deployment... Moderate Unreviewed

CVE-2021-37540 was published May 24, 2022

In JetBrains TeamCity before 2021.1, an insecure key generation mechanism for encrypted... Moderate Unreviewed

CVE-2021-37546 was published May 24, 2022

In JetBrains YouTrack before 2021.2.16363, system user passwords were hashed with SHA-256. Moderate Unreviewed

CVE-2021-37551 was published May 24, 2022

In Charm 0.43, any two users can collude to achieve the ability to decrypt YCT14 data. Moderate Unreviewed

CVE-2021-37588 was published May 24, 2022

In Charm 0.43, any single user can decrypt DAC-MACS or MA-ABE-YJ14 data. Moderate Unreviewed

CVE-2021-37587 was published May 24, 2022

A reordering issue exists in Telegram before 7.8.1 for Android, Telegram before 7.8.3 for iOS,... Moderate Unreviewed

CVE-2021-36769 was published May 24, 2022

IBM Cloud Pak for Applications 4.3 uses weaker than expected cryptographic algorithms that could... Moderate Unreviewed

CVE-2021-20369 was published May 24, 2022

SICK Visionary-S CX up version 5.21.2.29154R are vulnerable to an Inadequate Encryption Strength... Moderate Unreviewed

CVE-2021-32496 was published May 24, 2022

Unencrypted Bluetooth Low Energy baseband links in Bluetooth Core Specifications 4.0 through 5.2... Moderate Unreviewed

CVE-2021-31615 was published May 24, 2022

Improper protection of backup path configuration in Samsung Dex prior to SMR MAY-2021 Release 1... Moderate Unreviewed

CVE-2021-25392 was published May 24, 2022

In VOS compromised, an attacker at network endpoints can possibly view communications between an... Moderate Unreviewed

CVE-2018-16499 was published May 24, 2022

The flash read-out protection (RDP) level is not enforced during the device initialization phase... Moderate Unreviewed

CVE-2020-27208 was published May 24, 2022

The NPort IA5000A Series devices use Telnet as one of the network device management services.... Moderate Unreviewed

CVE-2020-27184 was published May 24, 2022

The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired... Moderate Unreviewed

CVE-2020-24587 was published May 24, 2022

Using techniques that built on the slipstream research, a malicious webpage could have scanned... Moderate Unreviewed

CVE-2021-23982 was published May 24, 2022

An issue was discovered in Joomla! 3.2.0 through 3.9.24. Usage of the insecure rand() function... Moderate Unreviewed

CVE-2021-23126 was published May 24, 2022

Weak encryption in the Quick Pairing mode in the eWeLink mobile application (Android application... Moderate Unreviewed

CVE-2020-12702 was published May 24, 2022

In the ownCloud application before 2.15 for Android, the lock protection mechanism can be... Moderate Unreviewed

CVE-2020-36250 was published May 24, 2022

IBM Security Verify Information Queue 1.0.6 and 1.0.7 uses weaker than expected cryptographic... Moderate Unreviewed

CVE-2021-20406 was published May 24, 2022

A flaw was found in dnsmasq before version 2.83. When getting a reply from a forwarded query,... Moderate Unreviewed

CVE-2020-25685 was published May 24, 2022

Bleichenbacher's attack on PKCS #1 v1.5 padding for RSA in STM32 cryptographic firmware library... Moderate Unreviewed

CVE-2020-20949 was published May 24, 2022

Bleichenbacher's attack on PKCS #1 v1.5 padding for RSA in Microchip Libraries for Applications... Moderate Unreviewed

CVE-2020-20950 was published May 24, 2022

Inadequate encryption strength in subsystem for Intel(R) CSME versions before 13.0.40 and 13.30... Moderate Unreviewed

CVE-2020-8761 was published May 24, 2022

FusionCompute versions 8.0.0 have an insecure encryption algorithm vulnerability. Attackers with... Moderate Unreviewed

CVE-2020-9128 was published May 24, 2022

Previous 1 2 3 4 5 6 7 8 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

192 advisories